One Network to rule them all

10-11 Mar, DevOps.Barcelona

Christian Adell @chadell0

is this about networking? 😱🤯🤮🤢

Source: Transforming the network with open SDN by BigSwitch

SDN, Network Programmability, Intent-based, NetOps? 🤔

💛
💛

problem statement

hybrid ecosystem

let's connect them...

The Internet isn't (always) the best option

Manual provisioning doesn't scale

Not all traffic is encrypted (yet)

we tried to solve all in one

and we failed 😞

but we learned a lot

User first

Focus on urgent needs

Modular design

then, we built a network service 👩🏻‍🔧

Developers 💛 being autonomous

Developers 💛 APIs

Developers don't care about network details 😑

Developers 💛 performance

Support multiple providers 🤯

Continuous monitoring 👩‍🚒

Visibility 🧐

New approach

Architecture

Technology Stack

  • IaaS: EC2, ASG
  • PaaS: RDS, Route53, ALB, SQS, SES
  • SaaS: DataDog, Sumologic, Okta
  • FaaS: Lambda

Written in Python 🐍 following 12-Factor App


  • API: Swagger, NGINX, Gunicorn, Flask, SQLAlchemy
  • Worker: Providers' API wrapper
  • Scheduler: Lambda using Zappa

CI / CD

Code Snippets

class Connection(object):
    @staticmethod
    def factory(connection):
        if not connection.get('ctype'):
            try:
                evaluator = ConnectionEvaluator.factory(connection)
                connection['ctype'] = evaluator.evaluate()
            except (VpcPeeringLimitReached, CIDROverlap):
                raise ProcessConnectionUnrecoverableError

        if connection['ctype'] == 'AWS_PEERING':
            return AWSPeeringConnection(connection)
        # ... (further connection types elided on the slide)
        else:
            raise NotImplementedError("Unknown connection type: {}".format(connection['ctype']))

class AWSPeeringConnection(Connection):
    def __init__(self, connection):
        super(AWSPeeringConnection, self).__init__(connection)
        ...

# Method of the peering class (the class header is not shown on the slide).
def create(self):
    try:
        # A new peering must not arrive with an id already assigned.
        if self.peering_id is not None:
            raise GSNVPCPeeringUnrecoverableError(
                'A peering id {} should not be provided when creating a VPCPeering'.format(self.peering_id))

        # Refuse to create a second peering between the same pair of VPCs.
        if self._already_present():
            raise GSNVPCPeeringUnrecoverableError('VPC Peering between {} and {} already present'.format(
                self.left_vpc.vpc_id, self.right_vpc.vpc_id))

        # Request the peering from the left VPC's account towards the right VPC.
        response = self.left_vpc.ec2_client.create_vpc_peering_connection(
            VpcId=self.left_vpc.vpc_id,
            PeerOwnerId=self.right_vpc.account_id,
            PeerVpcId=self.right_vpc.vpc_id,
            PeerRegion=self.right_vpc.region_name,
        )
        self._peering_id = response['VpcPeeringConnection']['VpcPeeringConnectionId']
        ...
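
The factory above relies on an evaluator that can raise CIDROverlap or VpcPeeringLimitReached before any peering is requested. The sketch below is an added example, not code from the talk: it shows one way such a pre-flight check could work, covering every CIDR block of both VPCs (secondary blocks included). The connection dict layout, the evaluate() and find_overlaps() functions, the MAX_ACTIVE_PEERINGS value and the sample VPC ids are assumptions.

```python
import ipaddress

# Exception names match those caught in Connection.factory on the slide;
# their definitions here are assumptions made for this example.
class CIDROverlap(Exception):
    pass

class VpcPeeringLimitReached(Exception):
    pass

# Assumed limit for illustration; read the real per-VPC quota from your account.
MAX_ACTIVE_PEERINGS = 50

def find_overlaps(left_cidrs, right_cidrs):
    """Return every (left, right) pair of CIDR blocks that share addresses."""
    # ip_network() is strict by default: a block with host bits set
    # (for example 10.0.1.5/16) raises ValueError instead of being guessed at.
    left = [ipaddress.ip_network(c) for c in left_cidrs]
    right = [ipaddress.ip_network(c) for c in right_cidrs]
    return [(str(l), str(r)) for l in left for r in right
            if l.version == r.version and l.overlaps(r)]

def evaluate(connection):
    """Hypothetical evaluator: return a connection type or refuse the request."""
    left, right = connection['left'], connection['right']
    overlaps = find_overlaps(left['cidrs'], right['cidrs'])
    if overlaps:
        # Overlapping ranges make routes across the peering ambiguous.
        raise CIDROverlap('overlapping blocks: {}'.format(overlaps))
    for side in (left, right):
        if side['active_peerings'] >= MAX_ACTIVE_PEERINGS:
            raise VpcPeeringLimitReached(side['vpc_id'])
    return 'AWS_PEERING'

# Constructed sample request; ids and ranges are not from the talk.
SAMPLE = {
    'left': {'vpc_id': 'vpc-left', 'cidrs': ['10.0.0.0/16'], 'active_peerings': 3},
    'right': {'vpc_id': 'vpc-right', 'cidrs': ['10.1.0.0/16'], 'active_peerings': 7},
}
```
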

Users' POV

Mappings

Demo Scenario

Takeaways

for software engineers

  • Adopt a network engineer 🤗
  • Don't underestimate the impact of networking on your applications' performance
  • Maximizing the DevOps effect involves everyone

for network engineers

  • Don’t be afraid of going out of your comfort zone 💪🏻
  • Learning to code will give you superpowers 🙇🏻
  • Adopting a DevOps approach will speed up your business (and career)
  • Networking is a key skill in IT, bring it close to the business

Thanks for your attention

Q/A